CVE-2017-1000487

CRITICAL

Plexus-utils <3.0.16 - Command Injection


Exploitation Summary

EIP tracks 3 public exploits for CVE-2017-1000487. PoCs published by dawetmaster, andikahilmy, shoucheng3.

AI-analyzed exploit summary: This repository contains the vulnerable source code of plexus-utils, specifically the AbstractScanner.java file, which is affected by CVE-2017-1000487. The vulnerability involves improper handling of file paths, leading to potential arbitrary file read/write operations.

Description

Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.

Exploits (3)

nomisec WORKING POC
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2017-1000487-plexus-utils-vulnerable

This repository contains the vulnerable source code of plexus-utils, specifically the AbstractScanner.java file, which is affected by CVE-2017-1000487. The vulnerability involves improper handling of file paths, leading to potential arbitrary file read/write operations.

Classification: Working PoC (90%)
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: plexus-utils (versions prior to 3.0.24)
Authentication: No auth needed
Prerequisites: Access to a system using plexus-utils with vulnerable file path handling
Analyzed by devstral-2 on Mar 14, 2026

nomisec WRITEUP
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2017-1000487-plexus-utils-vulnerable

This repository contains the vulnerable source code of plexus-utils, specifically the AbstractScanner.java file, which is affected by CVE-2017-1000487. The code demonstrates the vulnerable patterns and file scanning logic but does not include an exploit or detailed analysis.

Classification: Writeup (90%)
Attack Type: Other
Complexity: Moderate
Reliability: Theoretical
Target: plexus-utils (version not specified)
Authentication: No auth needed
Prerequisites: Access to a system using vulnerable plexus-utils
Analyzed by devstral-2 on Feb 18, 2026

nomisec WRITEUP
by shoucheng3 · poc
https://github.com/shoucheng3/codehaus-plexus__plexus-utils_CVE-2017-1000487_3-0-15

This repository contains the source code of the vulnerable version of plexus-utils (3.0.15) affected by CVE-2017-1000487, a command injection vulnerability in the `InterpolationFilterReader` class. The provided files include the vulnerable code but do not contain an exploit or detailed analysis.

Classification: Writeup (90%)
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: plexus-utils 3.0.15
Authentication: No auth needed
Prerequisites: Application using vulnerable plexus-utils version
Analyzed by devstral-2 on Feb 18, 2026

References (11)

Third Party Advisory (vendor-advisory, x_refsource_debian): https://www.debian.org/security/2018/dsa-4149
Third Party Advisory (vendor-advisory, x_refsource_debian): https://www.debian.org/security/2018/dsa-4146
Mailing List, Third Party Advisory (mailing-list, x_refsource_mlist): https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:1322
Mailing List, Third Party Advisory (mailing-list, x_refsource_mlist): https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html
Patch, Third Party Advisory (x_refsource_misc): https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522

Scores

CVSS v3: 9.8
EPSS: 0.0780
EPSS Percentile: 92.2%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-78
Status: published
Products (5):
codehaus-plexus/plexus-utils < 3.0.16
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
org.codehaus.plexus/plexus-utils 0 - 3.0.16 (Maven)
Published: Jan 03, 2018
Tracked Since: Feb 18, 2026